Common Secure Shell passwords unveiled

nihilist

Expert Member
Joined
Sep 8, 2005
Messages
4,521
Code:
rpm@mybroadband.co.za's password:12345
rpm@mybroadband.co.za:~$ su
sudo password:12345
root@mybroadband.co.za:~$ rm -rf /
root@mybroadband.co.za:~$ ^D
 

magneto

Senior Member
Joined
Aug 3, 2005
Messages
751
that list is longer than just 5 u/p's , tisk tisk.

ROFL pwn3d . . . not ;)

Code:
rpm@mybroadband.co.za's password:12345
rpm@mybroadband.co.za:~$ su
sudo password:12345
root@mybroadband.co.za:~$ rm -rf /
root@mybroadband.co.za:~$ ^D
 
Last edited:

ruan567

Senior Member
Joined
Feb 8, 2006
Messages
709
Best thing one can do along with a strong SSH password is to run the SSH daemon on a non-standard port. That blocks out 80% of all these script kiddies who have a tendency to scan port 22 only.

Also, firewalling out all IP ranges except your own will be good but it is not always practical.
 

AntiThesis

Executive Member
Joined
Jul 30, 2005
Messages
5,451
Those are some retarded passwords.

And pfft, everyone knows rpm's password is cara ;)
 

Fearl3$$

Well-Known Member
Joined
Jan 22, 2009
Messages
216
It actually show's how Ignorant most Admins are as well... We mostly think that our users will not think of that easy to guess passwords to get into a system... But do not always think of those that are not a normal "l"user and wants to get in to your systems and cause some problems...
 

Cost Conscious

Senior Member
Joined
Feb 12, 2008
Messages
654
Thing that irritates me is over-zealous web-masters like banks that insist on creating a convoluted password that you can't remember and have to commit to writing down somewhere.

Forcing you to change your PW every month ends up creating: pwordjan pwordfeb pwordmar etc etc all self-defeating.
 

GforceD

Executive Member
Joined
Apr 13, 2010
Messages
7,337
Most common password is still: *********

What no way I've the same password!

also some common passwords are swear words, not so clever when you have to give your password to your mom.

I used to work at a company and I knew over 30 different peoples passwords some where wierd like
Aphr0dity (the greek goddess of love) and some like "patch" was the name of a dog.
but the longest was 12 letters 3 numbers and a wildcard and it was a totally nonsense word.
I would tell you what it was but I may want to use it in the future
 

Hackson

Senior Member
Joined
May 9, 2010
Messages
503
I use the same password on all my site. From FB to twitter to gmail to Y! mail to my phone to my linux to my windows to everything even ssh here @ school :D
 

milomak

Honorary Master
Joined
May 23, 2007
Messages
12,517
this reminds me to do my password review for information critical sites.
 

murraybiscuit

Executive Member
Joined
Oct 10, 2008
Messages
6,483
oi vey. this is ridiculous.
nice tip on changing the default port...
i think i may just do that on my new server.
 

Oiram

Active Member
Joined
Nov 18, 2009
Messages
64
PC: Please enter new password
Me: OK, [types in "Penis"]
PC: Sorry, your password is too short
 

nihilist

Expert Member
Joined
Sep 8, 2005
Messages
4,521
It actually show's how Ignorant most Admins are as well... We mostly think that our users will not think of that easy to guess passwords to get into a system... But do not always think of those that are not a normal "l"user and wants to get in to your systems and cause some problems...

My experience has been that, even if I force long alpha numeric passwords, people in the end just write them down and stick them on the monitor or desk drawer and share them with their friends.
 
Top